PT-2025-3979 · Red Hat · Keycloak

Dwayne Du · Published 2025-01-22 · Updated 2025-03-10

CVE-2025-0604

CVSS v3.1: 5.4 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: Keycloak (affected versions not specified)

Description: A flaw was found in Keycloak that lets users bypass Active Directory restrictions when resetting their password. When a user whose account is federated from Active Directory resets their password through Keycloak, the new password is written without performing an LDAP bind to validate the new credentials against Active Directory. It is that bind that Active Directory would reject for a disabled or expired account, so users with expired or disabled AD accounts can regain access in Keycloak. The issue amounts to an authentication bypass and could allow unauthorized access under certain conditions.

Recommendations: At the time of writing, no fixed version is known for this vulnerability. Until one is available, do not rely on Active Directory account state alone: verify that every account disabled or expired in AD is also disabled in Keycloak, since the flaw lets such a user re-establish access through a Keycloak-side password reset.
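One check a practitioner would want before a fix ships is a list of users who are still enabled in Keycloak but whose AD account is disabled or expired, since those are exactly the accounts the flaw lets back in. The script below is an added example written for this page; it is not Keycloak's or Red Hat's code. It assumes two constructed inputs: Keycloak user records in the shape of the admin REST API's user representation (only `username` and `enabled` are used) and AD user entries carrying `sAMAccountName`, `userAccountControl` and `accountExpires`; in a real run these would come from the Keycloak admin API and an LDAP search, and `NOW` would be the current time. The AD attribute semantics it relies on are real: bit 0x2 of `userAccountControl` is ACCOUNTDISABLE, and `accountExpires` is a Windows FILETIME in which 0 and 0x7FFFFFFFFFFFFFFF both mean "never expires".

```python
"""Find users enabled in Keycloak whose Active Directory account is disabled
or expired. Added example for this page, not Keycloak code; the sample
inputs below are constructed."""
from datetime import datetime, timedelta, timezone
from typing import Optional

# Real AD semantics: userAccountControl is a bit field; bit 0x2 disables the
# account. accountExpires is a Windows FILETIME (100-ns ticks since
# 1601-01-01 UTC); 0 and 0x7FFFFFFFFFFFFFFF both mean "never expires".
ACCOUNTDISABLE = 0x0002
NEVER_EXPIRES = {0, 0x7FFFFFFFFFFFFFFF}
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)

# Reference time for the audit (assumed; a real run would use the current time).
NOW = datetime(2025, 3, 10, tzinfo=timezone.utc)


def filetime_to_datetime(ft: int) -> Optional[datetime]:
    """Convert an accountExpires value to a UTC datetime, or None for 'never'."""
    if ft in NEVER_EXPIRES:
        return None
    return FILETIME_EPOCH + timedelta(microseconds=ft // 10)


def datetime_to_filetime(dt: datetime) -> int:
    """Inverse of filetime_to_datetime; used here only to build sample data."""
    return int((dt - FILETIME_EPOCH).total_seconds()) * 10_000_000


def ad_account_state(entry: dict, now: datetime) -> str:
    """Classify an AD entry as 'disabled', 'expired' or 'active'."""
    uac = int(entry["userAccountControl"])
    if uac & ACCOUNTDISABLE:
        return "disabled"
    expires = filetime_to_datetime(int(entry["accountExpires"]))
    if expires is not None and expires <= now:
        return "expired"
    return "active"


def find_enabled_in_keycloak_but_blocked_in_ad(kc_users, ad_entries, now):
    """Return (username, ad_state) for Keycloak-enabled users that AD blocks.

    Users with no AD entry are treated as local Keycloak accounts and skipped;
    usernames are compared case-insensitively, as AD treats sAMAccountName.
    """
    ad_by_name = {e["sAMAccountName"].lower(): e for e in ad_entries}
    findings = []
    for user in kc_users:
        if not user.get("enabled", False):
            continue
        entry = ad_by_name.get(user["username"].lower())
        if entry is None:
            continue
        state = ad_account_state(entry, now)
        if state != "active":
            findings.append((user["username"], state))
    return findings


# Constructed sample data (not real exports).
KEYCLOAK_USERS = [
    {"username": "alice", "enabled": True},
    {"username": "bob", "enabled": True},
    {"username": "carol", "enabled": True},
    {"username": "dave", "enabled": False},        # already disabled in Keycloak
    {"username": "local-admin", "enabled": True},  # no AD entry: local account
]
AD_ENTRIES = [
    {"sAMAccountName": "alice", "userAccountControl": "512", "accountExpires": "0"},
    {"sAMAccountName": "bob", "userAccountControl": "514", "accountExpires": "0"},  # 512 | 0x2
    {"sAMAccountName": "Carol", "userAccountControl": "512",
     "accountExpires": str(datetime_to_filetime(datetime(2025, 1, 1, tzinfo=timezone.utc)))},
    {"sAMAccountName": "dave", "userAccountControl": "514", "accountExpires": "0"},
]


def audit_sample():
    """Run the cross-check over the constructed sample data."""
    return find_enabled_in_keycloak_but_blocked_in_ad(KEYCLOAK_USERS, AD_ENTRIES, NOW)


if __name__ == "__main__":
    for username, state in audit_sample():
        print(f"{username}: enabled in Keycloak but {state} in AD")
```

On the sample data the audit reports bob (disabled in AD) and carol (account expired 2025-01-01); dave is skipped because Keycloak already has him disabled, and local-admin because no AD entry matches. Anyone the script reports should be disabled in Keycloak by hand until a fixed release is deployed.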

Weakness Enumeration

Improper Authentication (CWE-287)

Related Identifiers

CVE-2025-0604
GHSA-2P82-5WWR-43CW
GHSA-M3HP-8546-5QMR

Affected Products

Keycloak